package com.rdgzs.authority.servlet;





import java.io.IOException;

import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.SavedRequest;
import org.apache.shiro.web.util.WebUtils;

import com.rdgzs.authority.entity.User;
import com.rdgzs.framework.constant.SysConstants;

public class LoginServlet extends HttpServlet {
	private static final Log log = LogFactory.getLog(LoginServlet.class);
	private static final long serialVersionUID = 1L;
	public  static String LOGIN_VIEW = "loginView";
	public static String LOGIN_SUCCESS_VIEW = "/index.jsp";
	public final static String LOGIN_DEFAULT_VIEW = "/index.jsp";
	
	protected void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
		String errorCode = null;//1.登陆失败2."用户不存在！"3."用户名、密码不正确！"4.验证码错误
		String errorMsg = "";
		//此处有两个作用：1.失败时的跳回地址  认证时的提交地址 当认证地址为当前地址时
		//失败时 shiroError 应该不为空
		//当认证地址为当前地址时 currUser不为空说明认证成功   currUser说明没有认证
		Object shiroError = req.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
		User currUser = (User) req.getSession().getAttribute(SysConstants.CURR_USER);
		
		if (shiroError != null) {
			if ("org.apache.shiro.authc.UnknownAccountException".equals(shiroError)) {
				errorMsg = "未知帐号错误！";
				errorCode = "2";
			} else if ("org.apache.shiro.authc.IncorrectCredentialsException".equals(shiroError)) {
				errorMsg = "密码错误！";
				errorCode = "3";
			} else if ("com.rdgzs.authority.security.IncorrectCaptchaException".equals(shiroError)) {
				errorMsg = "验证码错误！";
				errorCode = "4";
			} else if ("org.apache.shiro.authc.AuthenticationException".equals(shiroError)) {
				errorMsg = "认证失败！";
				errorCode = "1";
			}
		}
		//退出的情况
		req.setAttribute("errorCode", errorCode);
		req.setAttribute("errorMsg", errorMsg);
		
		if (currUser != null) {//认证后又调自己的地址
			WebUtils.redirectToSavedRequest(req, res, this.LOGIN_SUCCESS_VIEW);
		} else {//没认证前的访问
			SavedRequest savedReq = WebUtils.getSavedRequest(req);
			req.getRequestDispatcher(this.LOGIN_VIEW).forward(req, res);
		}
	}
	
	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		doGet(request, response);
	}
	
	public void init(ServletConfig config) throws ServletException {
		super.init(config);
		String loginView = config.getInitParameter("loginView");
		String loginSuccessView = config.getInitParameter("loginSuccessView");
		if (StringUtils.isNotBlank(loginSuccessView)) {
			LOGIN_SUCCESS_VIEW = loginSuccessView;
		}else{
			LOGIN_SUCCESS_VIEW = LOGIN_DEFAULT_VIEW;
		}
		if (StringUtils.isNotBlank(loginView)) {
			LOGIN_VIEW = loginView;
		}
	}
}